This topic is something that has been coming up more often in conversations with customers when talking about architecture of a modern EUC environment. Enterprises are looking for better ways to manage computers that their users rely on for their work each day. A big portion is application functions such as installing, updating and controlling access. A common request is I don’t want multiple ways to do this type of work, one approach is the desire. To that I say

“No one application delivery strategy to rule them all”

I understand the desire to have one master way to package and deliver applications, especially for large clients. There are plenty of options for doing this. I think that depending on which method you choose it might be ideal for the physical world but break many of the benefits in a virtual world or vice versa. A customer that might have 100,000 users, but only intends on virtualizing 20,000 users. They will be left with two very large environments to manage.

The physical computer environment is very static, customers tend to push applications to computers. This push typically does not need to closely follow the provisioning of the PC. There can be a bit of a delay for the apps to install. Customers are exploring other options such as RDS based options and application virtualization such as AppV, ThinApp and others to help with these issues.

In a virtual desktop environment desktops are provisioned quickly and applications need to be present and ready at the time of user login. There typically is not time in most environments to wait for the classic application push approach, because the desktop may be disposable and would need a push every day or more. Users will also not be willing to wait for the apps to appear after login. Vendors like VMware and Citrix have built multiple options for delivering applications at the point of desktop creation or user login.

The problem breaks down to if you move your legacy physical strategy into the virtual world you will break or loose some of the features and values that virtual desktops delivers. If you want to adopt the tools from VMware or Citrix you will then have to license this application technology for all of the physical devices and that can be very expensive.

This is why I think that people need to be comfortable with having a two strategies. One to modernize their physical PC environment and one for the virtual desktop environment and seek to offer the best and most complete offering in each space. This may or may not require you to package apps twice, but will result in you being able to provide the best possible solution.

Brian is a VCDX5-DCV and a Sr. Tech Marketing Engineer at Nutanix and owner of this website. He is active in the VMware community and helps lead the Chicago VMUG group. Specializing in VDI and Cloud project designs. Awarded VMware vExpert status 6 years for 2016 - 2011. VCP3, VCP5, VCP5-Iaas, VCP-Cloud, VCAP-DTD, VCAP5-DCD, VCAP5-DCA, VCA-DT, VCP5-DT, Cisco UCS Design

Share this:

Like this:

After talking to a number of customers about the vCloud suite lately and my normal EUC projects I have come to the conclusion that I would like to see VMware offer a Suite of products around their desktop related offerings. I think that this would be desirable for many reasons.

Would be great to see VMware offer the ability within a suite of offering per socket licensing for these EUC products. This would allow companies to design their View deployments to scale very dense helping reduce the licensing costs. I’m sure there will be resistance to this type of licensing since many of these products lend themselves to a per user type of cost.

I have compiled a list of products below that could be offered in two different EUC Suites. The Standard Suite offering customers the ability to implement solid VDI designs with the Enterprise Suite offering customers the ability to utilize the pending full suite of VMware desktop offerings.

Brian is a VCDX5-DCV and a Sr. Tech Marketing Engineer at Nutanix and owner of this website. He is active in the VMware community and helps lead the Chicago VMUG group. Specializing in VDI and Cloud project designs. Awarded VMware vExpert status 6 years for 2016 - 2011. VCP3, VCP5, VCP5-Iaas, VCP-Cloud, VCAP-DTD, VCAP5-DCD, VCAP5-DCA, VCA-DT, VCP5-DT, Cisco UCS Design

Share this:

Like this:

If you are not familiar with VMware Mirage or you were just wondering what could I use this new application for, I will try and fill in the blanks for you. I was pretty excited when VMware announced that they purchased Wanova and the Mirage product. I think Mirage along with the upcoming Horizon Suite round out the VMware EUC story nicely. Both of the new products take VMware from just being a VDI focused offering to a complete EUC offering.

So what is this Mirage thing? I’ve included the description below from VMware.

With VMware Mirage, IT can centrally manage physical desktops and laptops remotely while their end users continue to leverage all of the local power of those devices. When IT has all of these endpoints centralized, they can perform remote disaster recovery, hardware refreshes, Windows 7 migrations, and single image management. Mirage offers the benefits of centralization and VDI manageability coupled with the power of local execution and persistent end-user personalization.

Here are a few of the most common user cases for VMware Mirage that I find myself talking to customers about on a regular basis. There are probably a few more that I will update as I think of them. If you have an idea drop a note in the comments.

Brian is a VCDX5-DCV and a Sr. Tech Marketing Engineer at Nutanix and owner of this website. He is active in the VMware community and helps lead the Chicago VMUG group. Specializing in VDI and Cloud project designs. Awarded VMware vExpert status 6 years for 2016 - 2011. VCP3, VCP5, VCP5-Iaas, VCP-Cloud, VCAP-DTD, VCAP5-DCD, VCAP5-DCA, VCA-DT, VCP5-DT, Cisco UCS Design

Share this:

Like this:

After working on a bunch or larger VDI projects last year there was usually several conversations with the security teams of these enterprises that don’t seem to get much press in the VDI world. Lets face it, VDI is new for most of us but it is a total shift for your security team to wrap their heads around this new portable desktop idea. In today’s world the security team is used to their being a hard drive in a PC that captures the activities of the employee for the life of that computer. So if some event takes place and they need to investigate or do forensics on the PC all is there, even if someone tried to cover their tracks.

So the default response of these security team members when you talk VDI and ask what do they need kept from a Windows desktop to be able to do their work? Is they need everything!! Well that does not mesh up with the idea of linked clones, floating pools and the idea of a layered desktop image.

When VDI is done right you are separating the images into layers that include the operating system, applications and user profiles. These layers are then presented back to a user upon login and looks like a personalized desktop for them. But with this method the actual operating system (OS) is some what disposable, meaning that you are reading from a master copy or golden image that is read only. This golden image is shared by all of the users and allows for the desktop to be refreshed at each logoff or on a regular basis keeping the desktops clean. This also allows for easy patching of your virtual desktops, but that is enough of a VDI lesson.

The really fun conversations happen with security when they find out that desktops are created and destroyed automatically and things like page files and temp folders that they are used to have around for the lifetime of the PC are being trashed and recreated on a regular basis. But if you work closely with your security team and find out how their tools work and what parts of an OS or user profile need to be preserved a plan can be formulated and factored in when creating your VDI design.

There are other factors and processes that security is concerned about besides forensics. They will need to adapt the process that cover what is done when an employee is let go for example. Since there is not a desktop that can be held until the process is complete, you will need a method to freeze their VM in time and not allow it to be used by others.

These are all very important conversations and processes to be considered when creating your enterprise virtual desktop design. Make sure to include all necessary teams that will have a stake in your new environment and invite the security team to the table earlier rather than at the last minute. I know nobody likes to talk to those security guys but addressing their questions and concerns earlier will prevent them from putting the breaks on your project in the final stages, until you are able to adapt and meet their demands.

Brian is a VCDX5-DCV and a Sr. Tech Marketing Engineer at Nutanix and owner of this website. He is active in the VMware community and helps lead the Chicago VMUG group. Specializing in VDI and Cloud project designs. Awarded VMware vExpert status 6 years for 2016 - 2011. VCP3, VCP5, VCP5-Iaas, VCP-Cloud, VCAP-DTD, VCAP5-DCD, VCAP5-DCA, VCA-DT, VCP5-DT, Cisco UCS Design

Share this:

Like this:

Recently VMware released a preview copy of the new View 5 client for Linux that now supports PCoIP. This has been a long time coming, along with the Linux version the Apple version now includes PCoIP support also. I don’t plan on boring you with the install details as most of you are probably more advanced at installing applications on Linux then I am.

To start off after open the View Client you will see a screen that looks like the one below in Image 1. Looks pretty much like all other View Clients, you enter the View Connection Server URL and connect.

Image 1

Once you have tried to connect to the connection server you will be prompted for your login credentials as shown in Image 2 below. The screen shows you what connection server URL you are trying to connect to, mine is blocked out in the image. You can also see to the left of the server URL a warning sign with an unlocked paddle is shown, this is letting me know there is not Certs installed on my connection server. Other than those items its user name, password and domain.

Image 2

Now that we have authenticated we are presented with a list of pools within View that our user ID is entitled to as show in Image 3 below.

Image 3

On Image 4 below you can see that I’ve clicked on the “All Monitors” option that shows me what options I have for monitors and screen sizes for my View Client window.

Image 4

The next option to look at was the display protocol, you can see in the previous image that PCoIP was the default protocol for the pool. In Image 5 below I click on PCoIP and was presented with the option to choose between PCoIP and RDP. This was because this action is allowed on the pool that I was trying to connect to.

Image 5

The final step was to click on the Pool name and I was connected to my View desktop. This is the first I have really had the time to test the Linux View client. I’m pretty happy with what I saw and adding PCoIP support to the Linux platform client is a pretty big deal. In my opinion this gives companies another option of what OS they can now place on their PC endpoints if they do not want to pay for a Windows License. Of course the licensing question is much large depending on if you pay for SA or you purchased a license with the endpoint. But there are plenty of companies out there that could benefit from this approach.

Brian is a VCDX5-DCV and a Sr. Tech Marketing Engineer at Nutanix and owner of this website. He is active in the VMware community and helps lead the Chicago VMUG group. Specializing in VDI and Cloud project designs. Awarded VMware vExpert status 6 years for 2016 - 2011. VCP3, VCP5, VCP5-Iaas, VCP-Cloud, VCAP-DTD, VCAP5-DCD, VCAP5-DCA, VCA-DT, VCP5-DT, Cisco UCS Design

Share this:

Like this:

I was upgrading the lab at work a while back to View 5 and getting familiar with the new Persona Management features. So I thought it would be a good idea to put some of this in writing to share with others. Because I did not see much detailed information around this. In this post I will show you how easy it is to get user persona working in View 5 and how these features are setup and configured. This might be some what of a lengthy post but should be worth the read.

With the release of VMware View 5 came a new feature for persona management or the ability to capture / virtualize the user profile. This is very huge in VDI and is something that VMware has been working towards for awhile now. If you remember they purchased RTO software and have been working on incorporating those features into View. This is the first release with the RTO profile software built in. I do think that VMware will continue to improve and expand these features in upcoming releases.

But all things said I think that View 5 has a lot to offer around user profiles. If you are looking at deploying View 5 give these features a serious look before selecting any 3rd part tool for profile management. Depending on what you user needs are and your admin requirements, View 5 might have everything you need built in.

The persona management features in View 5 are built to work alone or in unison with Windows roaming profiles. The profile is redirected most commonly to a network share. This network share can be backed up via your normal methods and will give you the option of restoring profiles from backups in case of corruption or security concerns. View 5 persona’s are an improvement over roaming profiles because the profile is not copied down on log in or back up at log out. This speeds the process up greatly. The View GPO’s allow for more granular control over the profile’s behavior.

From the image below you can see that enabling the persona management for a pool or group of users is driving off of modifying the group policy for the OU that the desktops or users are located in. To turn on the base features all that is need is to enabled the highlighted key from the image.

Enabeling VMware View Persona Management

In the next image I am showing the option to enable persona management. It’s really an on or off selection, the only other setting is the upload interval in minutes. This controls the upload of any parts of the profile that are download into the VDI desktop while the user is logged in.

How to enable VMware View Persona Management

The next GPO object that I am showing is how to specify the location of the users profile. This is the network share that you want the profile to be stored on. There is the option of specifying the location yourself or using the location that is entered in the users AD account.

Select location to store View Persona profile

The next image is showing an entire GPO folder dedicated to Folder Redirection. This is included when you load the View ADM files that allow for persona management. These allow for easy redirection of specific folders within a users profile that you might want to redirect to a location rather than capture them in the profile. I won’t bore you with the reasons for this because this is nothing new or specific to View persona mgmt. If you are using roaming profiles or a 3rd party profile mgmt tool you will also be considering redirecting some folders.

VMware View Persona Management folder redirection

The image below is showing how I was redirection the users Desktop folder within the profile. I am pointing it to a network share and using the %username% variable just as like the previous steps. To redirect a folder is as simple as enabling the option and providing the location to store it.

VMware View Persona Management desktop folder redirection

The next image below shows a few options that allow you to control the visibility of the profile being redirected. Things like showing a progress window for profile downloads in the background or if icons are displayed in the tray.

VMware View Persona Management

This last image is showing the options are logging.

Logging File name: The full path name of the local View Persona Management log file. This path should include the file name, and cannot be a UNC path.

Logging Destination: Specifies where log message will be sent. Log message can be sent to a local log file and also the debug port.

Brian is a VCDX5-DCV and a Sr. Tech Marketing Engineer at Nutanix and owner of this website. He is active in the VMware community and helps lead the Chicago VMUG group. Specializing in VDI and Cloud project designs. Awarded VMware vExpert status 6 years for 2016 - 2011. VCP3, VCP5, VCP5-Iaas, VCP-Cloud, VCAP-DTD, VCAP5-DCD, VCAP5-DCA, VCA-DT, VCP5-DT, Cisco UCS Design